the hardware root of trust has the (publicly available) AOSP test keys installed
Has anyone independently verified that this is the case for the FP4? It’s well known that the FP3 accepts testsigned ROMs, but all discussions regarding the FP4’s trusted keys points back to the same FP3-specific thread on Fairphone’s forum.
Personally I’m happy that I can sign and run my own ROM on my FP3 when the device’s OS reaches the end of the runway. The privacy concerns are valid, but personally I’d just reflash the onboard storage using FP’s tools if I was concerned about OS tampering
Hot take:
The Fairphone isn’t privacy-focused, it’s just a highly repairable device for what it is. I think it’s difficult to have both a privacy-focused & repairable platform in the form factor of a mobile phone right now - no manufacturer cares to make such a device, and if they did would you trust it? So many mobile hardware components are closed source and proprietary, so if they’ve got a vulnerability, the device is compromised anyway.
Pixels and iPhones are really the only exception to this that I’m aware of, but those aren’t really comparable to the Fairphone for repairability, with serialised components and difficult battery replacement being high up on the list.
It is definitely possible to have a well-implemented device from a privacy perspective, but I think it would be difficult to make a justifiable business case for one. The current Pixel+GOS model is the closest we’ll get for privacy IMO.
The Fairphone isn’t privacy-focused, it’s just a highly repairable device for what it is.
The Fairphone is just hardware. Privacy is mostly about software.
I think it’s difficult to have both a privacy-focused & repairable platform in the form factor of a mobile phone right now - no manufacturer cares to make such a device
The Fairphone is just hardware. Privacy is mostly about software
I was thinking more from the perspective of how much the closed-source proprietary hardware in the Fairphone can be trusted to guarantee your privacy. I had devices like the Pinephone and Librem phone in mind, which provide physical switches for the camera, microphone, GPS and mobile modem.
Another user gave the example I would have used here, where the GPS subsystem in Qualcomm devices freely uses the mobile modem mostly outside of the OS’s control to download satellite almanac updates whenever it needs to, and submitting identifiers for your device over unencrypted HTTP
FFS did no one actually read the OP?
Yep. Personally I see e/OS on the Fairphone as a solid combo for allowing someone to slowly degoogle and take back control without giving up too many creature comforts. It 100% fulfils the software aspect of privacy IMO for the intended user.
It’s primarily the hardware trust aspect that I was thinking about when I wrote my earlier response. Personally, I’m just interested in privacy from the perspective of controlling my data and knowing what’s done with it
Has anyone independently verified that this is the case for the FP4? It’s well known that the FP3 accepts testsigned ROMs, but all discussions regarding the FP4’s trusted keys points back to the same FP3-specific thread on Fairphone’s forum.
I don’t know, it does make flashing custom ROMs easier but I would rather have to install my own signing keys or signing keys for the ROM as this way renders a part of the device security completely useless. I’d at least like to have known when I bought it.
I’m not paranoid which is why I’m still using the device but these three points were each huge disappointments which make me not want to buy another Fairphone.
Has anyone independently verified that this is the case for the FP4? It’s well known that the FP3 accepts testsigned ROMs, but all discussions regarding the FP4’s trusted keys points back to the same FP3-specific thread on Fairphone’s forum.
Personally I’m happy that I can sign and run my own ROM on my FP3 when the device’s OS reaches the end of the runway. The privacy concerns are valid, but personally I’d just reflash the onboard storage using FP’s tools if I was concerned about OS tampering
Hot take:
The Fairphone isn’t privacy-focused, it’s just a highly repairable device for what it is. I think it’s difficult to have both a privacy-focused & repairable platform in the form factor of a mobile phone right now - no manufacturer cares to make such a device, and if they did would you trust it? So many mobile hardware components are closed source and proprietary, so if they’ve got a vulnerability, the device is compromised anyway.
Pixels and iPhones are really the only exception to this that I’m aware of, but those aren’t really comparable to the Fairphone for repairability, with serialised components and difficult battery replacement being high up on the list.
It is definitely possible to have a well-implemented device from a privacy perspective, but I think it would be difficult to make a justifiable business case for one. The current Pixel+GOS model is the closest we’ll get for privacy IMO.
The Fairphone is just hardware. Privacy is mostly about software.
FFS did no one actually read the OP?
I was thinking more from the perspective of how much the closed-source proprietary hardware in the Fairphone can be trusted to guarantee your privacy. I had devices like the Pinephone and Librem phone in mind, which provide physical switches for the camera, microphone, GPS and mobile modem.
Another user gave the example I would have used here, where the GPS subsystem in Qualcomm devices freely uses the mobile modem mostly outside of the OS’s control to download satellite almanac updates whenever it needs to, and submitting identifiers for your device over unencrypted HTTP
Yep. Personally I see e/OS on the Fairphone as a solid combo for allowing someone to slowly degoogle and take back control without giving up too many creature comforts. It 100% fulfils the software aspect of privacy IMO for the intended user.
It’s primarily the hardware trust aspect that I was thinking about when I wrote my earlier response. Personally, I’m just interested in privacy from the perspective of controlling my data and knowing what’s done with it
It seems so.
I don’t know, it does make flashing custom ROMs easier but I would rather have to install my own signing keys or signing keys for the ROM as this way renders a part of the device security completely useless. I’d at least like to have known when I bought it.
I’m not paranoid which is why I’m still using the device but these three points were each huge disappointments which make me not want to buy another Fairphone.